Skip navigation links

Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

oracle.iam.ida.api
Interface ScanRunManager

public interface ScanRunManager

Public API for ScanRun entity operations.

Method Summary
 java.lang.String createAccessRequestPreventivePreviewScan(RequestData requestData)
          Deprecated. 11.1.2.3.0 This method is for OIM internal use only and might be removed in a future release. Use ScanRunManager.createUserPreventivePreviewScan(oracle.iam.request.vo.RequestData, boolean, java.util.Set)
 java.lang.String createDetectivePreviewScan(BasicSelectionCriteria userCriteria, java.lang.String policyId)
          Perform an asynchronous detective preview scan of the specified users using the specified audit policy.
 boolean createDetectiveScan(java.lang.String scanDefinitionName, java.lang.String jobName, Trigger trigger)
          Create and schedule a job to run a detective scan using the given IDA Scan definition.
 java.lang.String createRoleLCMPreventivePreviewScan(Role role, java.lang.String requestId)
          Deprecated. 11.1.2.3.0 This method is for OIM internal use only and might be removed in a future release. Use ScanRunManager.createRolePreventivePreviewScan(oracle.iam.identity.rolemgmt.vo.Role, boolean, java.util.Set)
 java.lang.String createRolePreventivePreviewScan(Role role, boolean useDefaultPolicySet, java.util.Set auditPolicyIds)
          Perform a synchronous audit policy scan to find the set of violations that would be introduced if the specified role were to be modified by the addition or removal of the access policies as specified in the Role attributes.
 java.lang.String createUserPreventivePreviewScan(RequestData requestData, boolean useDefaultPolicySet, java.util.Set policyIds)
          Perform a synchronous audit policy scan to find the set of violations that would be introduced if the specified request (requestData) were granted.
 void deleteByScanToken(java.lang.String scanToken)
          Delete the ScanRun entity identified by the supplied scanToken.
 java.util.List findPolicyScanRuns(java.lang.String policyId, SearchCriteria criteria, java.util.Set retAttrs, java.util.Map configParams)
          Return list of ScanRun entities matching the search criteria for the policy Id.
 java.util.List findPolicyViolations(java.lang.String scanRunId, SearchCriteria policyViolationCriteria, java.util.Set retAttrs, java.util.Map configParams)
          For the specified scan run find the PolicyViolation entities matching the search criteria.
 ScanRun getDetails(java.lang.String scanRunId, java.util.Set retAttrs)
          Return specified ScanRun entity populated with specified attributes.
 java.util.List search(SearchCriteria criteria, java.util.Set retAttrs, java.util.Map configParams)
          Return list of ScanRun entities matching the search criteria.
 void stopDetectivePreviewScan(java.lang.String scanToken)
          Stop the asynchronous policy preview scan.

 

Method Detail

createAccessRequestPreventivePreviewScan

@Deprecated
java.lang.String createAccessRequestPreventivePreviewScan(RequestData requestData)
                                                          throws InvalidArgumentException
Deprecated. 11.1.2.3.0 This method is for OIM internal use only and might be removed in a future release. Use ScanRunManager.createUserPreventivePreviewScan(oracle.iam.request.vo.RequestData, boolean, java.util.Set)

Authorization: Caller must be authorized to submit requestData

Parameters:
requestData -
Returns:
Throws:
InvalidArgumentException

createDetectivePreviewScan

java.lang.String createDetectivePreviewScan(BasicSelectionCriteria userCriteria,
                                            java.lang.String policyId)
                                            throws InvalidArgumentException
Perform an asynchronous detective preview scan of the specified users using the specified audit policy.
Parameters:
userCriteria - criteria to be used when selecting users for the scan
policyId - ID of the audit policy to be used for the scan
Returns:
the token associated with the scan run. The token can be used to manage the scan run and to retrieve PolicyViolations produced by the scan; null if no violations were produced.
Throws:
InvalidArgumentException

createDetectiveScan

boolean createDetectiveScan(java.lang.String scanDefinitionName,
                            java.lang.String jobName,
                            Trigger trigger)
                            throws AlreadyExistsException,
                                   InvalidArgumentException
Create and schedule a job to run a detective scan using the given IDA Scan definition.
Parameters:
scanDefinitionName - - name of the definition to use for the job
jobName - - name for the job
trigger - - scheduling information. If trigger is null, job will be added in the system but will not run.
Returns:
true if successful
Throws:
AlreadyExistsException
InvalidArgumentException

createRoleLCMPreventivePreviewScan

@Deprecated
java.lang.String createRoleLCMPreventivePreviewScan(Role role,
                                                               java.lang.String requestId)
                                                    throws InvalidArgumentException
Deprecated. 11.1.2.3.0 This method is for OIM internal use only and might be removed in a future release. Use ScanRunManager.createRolePreventivePreviewScan(oracle.iam.identity.rolemgmt.vo.Role, boolean, java.util.Set)
Perform a synchronous audit policy scan to find the set of violations that would be introduced if the specified role were to be modified by the addition or removal of the access policies as specified in the Role attributes
Parameters:
role - the Role instance to examine
requestId - required during request approval (supposing the request was submitted with one or more outstanding violations)
Returns:
a token that can be used to retrieve PolicyViolations produced by the scan; null if no violations were produced
Throws:
InvalidArgumentException

createRolePreventivePreviewScan

java.lang.String createRolePreventivePreviewScan(Role role,
                                                 boolean useDefaultPolicySet,
                                                 java.util.Set auditPolicyIds)
                                                 throws InvalidArgumentException
Perform a synchronous audit policy scan to find the set of violations that would be introduced if the specified role were to be modified by the addition or removal of the access policies as specified in the Role attributes.

Caller may set useDefaultPolicySet to TRUE and provide zero or more audit policy IDs to augment the default list, or may set the flag to false and provide one or more audit policy IDs to be scanned.

Parameters:
role - the Role instance to examine
useDefaultPolicySet - if true, the scan will use default and any additional policies specified; otherwise, the scan will not use default policies
auditPolicyIds - Additional policies to apply
Returns:
a token that can be used to retrieve PolicyViolations produced by the scan; null if no violations were produced
Throws:
InvalidArgumentException

createUserPreventivePreviewScan

java.lang.String createUserPreventivePreviewScan(RequestData requestData,
                                                 boolean useDefaultPolicySet,
                                                 java.util.Set policyIds)
                                                 throws InvalidArgumentException
Perform a synchronous audit policy scan to find the set of violations that would be introduced if the specified request (requestData) were granted. Caller may set useDefaultPolicySet to TRUE and provide zero or more policy IDs to augment the default list, or may set the flag to false and provide one or more policy IDs to be scanned.
Parameters:
requestData - Request data which includes users (Beneficiary) and requested access (RequestBeneficiaryEntity)
useDefaultPolicySet - if true, the scan will use default and any additional policies specified; otherwise, the scan will not use default policies
policyIds - Additional policies to apply
Returns:
a token that can be used to retrieve PolicyViolations produced by the scan; null if no violations were produced
Throws:
InvalidArgumentException

deleteByScanToken

void deleteByScanToken(java.lang.String scanToken)
                       throws InvalidArgumentException
Delete the ScanRun entity identified by the supplied scanToken. Any associated preview policy violations will also be deleted.
Parameters:
scanToken - Token associated with a preview scan and violations
Throws:
InvalidArgumentException

getDetails

ScanRun getDetails(java.lang.String scanRunId,
                   java.util.Set retAttrs)
                   throws InvalidArgumentException
Return specified ScanRun entity populated with specified attributes.
Parameters:
scanRunId - - ID of entity to be retrieved.
retAttrs - - Attributes to be loaded. Use null to get all attributes.
Returns:
ScanRun object containing specified attributes.
Throws:
InvalidArgumentException

search

java.util.List search(SearchCriteria criteria,
                      java.util.Set retAttrs,
                      java.util.Map configParams)
Return list of ScanRun entities matching the search criteria. Each returned entity will be populated with specified attributes. Range of items can be specified using configParams Ordering of items can be specified using configParams
Parameters:
criteria - search criteria indicating which objects to retrieve. Use null to get all objects.
retAttrs - attributes to be filled in for each object returned. Use null to get all attributes.
configParams - Parameters to configure ordering and range of results. Use null to get all results without sorting. There are four configuration parameters: STARTROW, ENDROW, SORTEDBY and SORTORDER. Defined as String constants in package oracle.iam.identity.utils.Constants: SEARCH_STARTROW, SEARCH_ENDROW, SEARCH_SORTEDBY and SEARCH_SORTORDER

The STARTROW and ENDROW parameters indicate the subset of the complete search result to be fetched. Default values are -1 (complete results are returned). If ENDROW < STARTROW then an IllegalArgumentException is thrown

The SORTEDBY parameter indicates the attribute used for sorting. This parameter is optional and set to null by default.

The SORTORDER parameter indicates order of sorting: ASCENDING or DESCENDING. Defined as an enum in package oracle.iam.platform.entitymgr.spi.entity.Searchable.SortOrder. This parameter is optional and is ASCENDING by default.

Returns:
list of ScanRun objects containing specified attributes.

NOTE: Can throw IDAEngineException - A runtime exception containing information on how to find detailed information in a server log.

findPolicyViolations

java.util.List findPolicyViolations(java.lang.String scanRunId,
                                    SearchCriteria policyViolationCriteria,
                                    java.util.Set retAttrs,
                                    java.util.Map configParams)
For the specified scan run find the PolicyViolation entities matching the search criteria. Each returned entity will be populated with specified attributes. Range of items can be specified using configParams Ordering of items can be specified using configParams
Parameters:
policyViolationCriteria - Search criteria indicating which objects to retrieve. Use null to get all objects.
retAttrs - Attributes to be filled in for each object returned. Use null to get all attributes.
configParams - Parameters to configure ordering and range of results. Use null to get all results without sorting. There are four configuration parameters: STARTROW, ENDROW, SORTEDBY and SORTORDER. Defined as String constants in package oracle.iam.identity.utils.Constants: SEARCH_STARTROW, SEARCH_ENDROW, SEARCH_SORTEDBY and SEARCH_SORTORDER

The STARTROW and ENDROW parameters indicate the subset of the complete search result to be fetched. Default values are -1 (complete results are returned). If ENDROW < STARTROW then an IllegalArgumentException is thrown

The SORTEDBY parameter indicates the attribute used for sorting. This parameter is optional and set to null by default.

The SORTORDER parameter indicates order of sorting: ASCENDING or DESCENDING. Defined as an enum in package oracle.iam.platform.entitymgr.spi.entity.Searchable.SortOrder. This parameter is optional and is ASCENDING by default.

Returns:
List of PolicyViolation objects containing specified attributes.

NOTE: Can throw IDAEngineException - A runtime exception containing information on how to find detailed information in a server log.

findPolicyScanRuns

java.util.List findPolicyScanRuns(java.lang.String policyId,
                                  SearchCriteria criteria,
                                  java.util.Set retAttrs,
                                  java.util.Map configParams)
Return list of ScanRun entities matching the search criteria for the policy Id. Each returned entity will be populated with specified attributes. Range of items can be specified using configParams Ordering of items can be specified using configParams
Parameters:
policyId - PolicyId in question for associated preview scan runs.
criteria - Search criteria indicating which objects to retrieve. Use null to get all objects.
retAttrs - Attributes to be filled in for each object returned. Use null to get all attributes.
configParams - Parameters to configure ordering and range of results. Use null to get all results without sorting. There are four configuration parameters: STARTROW, ENDROW, SORTEDBY and SORTORDER. Defined as String constants in package oracle.iam.identity.utils.Constants: SEARCH_STARTROW, SEARCH_ENDROW, SEARCH_SORTEDBY and SEARCH_SORTORDER

The STARTROW and ENDROW parameters indicate the subset of the complete search result to be fetched. Default values are -1 (complete results are returned). If ENDROW < STARTROW then an IllegalArgumentException is thrown

The SORTEDBY parameter indicates the attribute used for sorting. This parameter is optional and set to null by default.

The SORTORDER parameter indicates order of sorting: ASCENDING or DESCENDING. Defined as an enum in package oracle.iam.platform.entitymgr.spi.entity.Searchable.SortOrder. This parameter is optional and is ASCENDING by default.

Returns:
List of ScanRun objects containing specified attributes. NOTE: Can throw IDAEngineException - A runtime exception containing information on how to find detailed information in a server log.

stopDetectivePreviewScan

void stopDetectivePreviewScan(java.lang.String scanToken)
                              throws InvalidArgumentException
Stop the asynchronous policy preview scan.
Parameters:
scanToken - token returned by ScanRunManager.createDetectivePreviewScan(oracle.iam.certification.vo.BasicSelectionCriteria, java.lang.String)
Throws:
InvalidArgumentException

Skip navigation links

Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

Copyright © 2015, Oracle and/or its affiliates. All rights reserved.